and the lib will send the request inside the trusted network to the host-in-the-trusted-network.com (bypassing the firewall). In general, the attacker can use any scheme supported by default (such as ​file://, jar:// etc) or use application specific scheme.

Add Comment

This ticket has been modified since you started editing. You should review the
other modifications which have been appended above,
and any conflicts shown in the preview below.
You can nevertheless proceed and submit your changes if you wish so.